[Nottingham] WPA2 is falling

David Aldred davidaldred at gmail.com
Tue Oct 17 15:34:13 UTC 2017


For anyone worried about their Android, there is probably the option of
using Lineage - they have confirmed via Twitter that all builds after 11
hours ago are patched for KRACK.

David Aldred

On 17 October 2017 at 15:43, Martin via Nottingham <
nottingham at mailman.lug.org.uk> wrote:

> On 17/10/17 14:05, Jason Irwin via Nottingham wrote:
> > On 17/10/17 13:05, John wrote:
> >> 'Smart' TVs ? They'll just expect you to buy a new one. And that will
> >> still have a shed load of other vulnerabilities ..
> > Probably...
>
> Never trusted any of those things :-P - not got one :-)
>
> (Then again, not got anything TV-like in any case! Life is too short.)
>
>
> >> Can someone get onto Virgin (other **** ISPs are available) ? Good luck
> >> with getting them to roll out a firmware update. Mind you, my ASUS AP
> >> has not been patched yet.
> > Meh, I only use their !!!!!!! as the modem.
>
> Yep. Modem mode only here. Bit of a shame to waste the rest of the
> functionality, but then again, far better to enjoy FLOSS reliability
> using a little something somewhat more reliable!
>
> BTW: Cable is good for symmetric 10 Gigabit/s with DOCSIS 3.1:
>
> https://arstechnica.com/information-technology/2017/10/10gbps-cable-internet-uploads-and-downloads-coming-in-docsis-update/
>
> Shame about the monopoly price jump...
>
> Also shame BT will be keeping most of the UK on the decades old obsolete
> thousands of times slower ADSL 'stop-gap' over the old telegraphy system
> of old wires...
>
> And fibre is faster, more reliable, and has just got to be lower
> electrical costs and remove many an ugly roadside box... So?...
>
>
> > In shock news, it seems MS and Apple had the patches out before any
> > GNU/Linux distro. No idea about Android, although the OEMs/carriers will
> > probably be the cause of the major delays.
>
> There's a bit of a giggle with the detail:
>
> Release the KRACKen patches: The good, the bad, and the ugly on this
> WPA2 Wi-Fi drama
> http://www.theregister.co.uk/2017/10/17/kracken_patches/
>
> #####
> ... using Android 6.0 or Linux with wpa_supplicant 2.4 or later, it's
> super easy to hijack the wireless connection. Due to a programming
> cockup, this software uses a zero key – ie, an encryption key that's all
> zeroes – when under attack by KRACK...
>
> ... Windows and iOS are largely unaffected by KRACK in that it is rather
> difficult to exploit the protocol flaws due to Microsoft and Apple's
> [mal-] implementations of WPA2 – and, in any case, patches are either
> available or incoming. Linux, Android 6.0 and above, OpenBSD 6.1, and
> macOS 10.12 and 10.9 are most at risk from KRACK's eavesdropping
> techniques due to the way they handle encryption key reuse in WPA2...
>
> On the Unix-y front, OpenBSD has a fix ready, as do Linux distros
> including Debian.
> #####
>
>
> And for such things, this is where FLOSS really is better than the
> money-making by obfuscation silliness:
>
> #####
> Finally, don't forget that the IEEE makes the whole process of
> evaluating and scrutinizing its standards for things like the WPA2
> design blunder relatively difficult...
> #####
>
>
>
> IT history of silliness repeated...
>
> For goodly Rounded discussion Thursday ;-)
>
> Cheers,
> Martin
>
>
> --
> - ╔═══════════════════╦══════════════════════════════════════════╗
> - ║   Martin Lomas    ║ OpenPGP (GPG/PGP) Public Key: 0xCEE1D3B7 ║
> - ║ martin@ ml1 co uk ║ Import from   hkp://subkeys.pgp.net   or ║
> - ║ ----------------- ║ http:// ml1 .co .uk/martin_ml1_co_uk.gpg ║
> - ╚═══════════════════╩══════════════════════════════════════════╝
>